Ransomware is the current bane of security experts and businesses alike. Infection rates over the last year and a half have increased dramatically. Unfortunately, the majority of businesses are unaware of the risks or how easy it is to become infected. As an example, there have been instances where adverts on well-known, reputable websites have redirected to ransomware, causing immediate infection on unprotected computers. At this point, there are more than 124 separate variants of ransomware. More common strains are various versions of Locky and Cryptolocker. Ransomware is now at the forefront of malware innovation, with virulent strains of ransomware able to operate only in the memory of a computer, leaving no trace on the computer's file system. This makes it increasingly difficult for security specialists, software, and developers to prevent attacks. Here are some tips which you can use in case one of your computers becomes infected:
- Try and detect the infection as soon as possible. It takes time for ransomware to encrypt files and if it is found in the early stages of infection then the damage can be more easily rectified.
- Use some software to detect ransomware. At Datcom we have written an application which reports back to our Network Operations Centre if there is a possibility of infection, and also indicates the user who might be infected.
- Identify the computer which is causing the infection and disconnect the Ethernet cable or switch off the Wi-Fi. If you are unsure, turn off the computer too.
- Train your team to respond if they receive a ransomware pop-up (it is surprising how many people will close the infection alert and not notify anyone, losing valuable minutes or hours.)
- Switch off folder sharing on the server in case the virus has spread to more than one computer.